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Application No. ^3/ Applicant(s) 

09/489,328 MIETTINEN ET AL 

Examiner Art Unit 

Ahmedur Ali 2131 
The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). ' ' 

Status 

1 )[3 Responsive to communication(s) filed on 21 January 2000 . 
2a)D This action is FINAL. 2b)l3 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
Disposition of Claims 

4) [3 Claim(s) 1-26 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) K Claim(s) 1-26 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) E1 The drawing(s) filed on 21 January 2000 is/are: a)D accepted or b)[3 objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

1 1) D The proposed drawing correction filed on is: a)D approved b)D disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) D The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§ 119 and 120 

13) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a)DAII b)D Some*c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121. 

Attachment(s) 

1 ) ^ Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-41 3) Paper No(s). . 

2) [3 Notice of Draftsperson's Patent Drawing Review (PTO-948) 5) Q Notice of Informal Patent Application (PTO-152) 

3) O Information Disclosure Statement(s) (PTO-1449) Paper No(s) . 6) □ Other: 

U.S. Patent and Trademark Office 

PTOL-326 (Rev. 04-01 ) Office Action Summary Part of Paper No 
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DETAILED ACTION 



1 . The application has been examined. Claims 1-26 are pending in this office 
action. 



2. The drawings are objected to by the draftsperson. A proposed drawing 
correction or corrected drawings are required in reply to the Office Action to avoid 
abandonment of the application. The objection to the drawings will not be held in 
abeyance. 



3. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

4. Claims 3-4, and 19 are rejected under 35 U.S.C. 112, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject matter 
which applicant regards as the invention. 

Regarding claim 3-4, and 19, the phrase "or the like" renders the claim(s) 
indefinite because the claim(s) include(s) elements not actually disclosed (those 
encompassed by "or the like"), thereby rendering the scope of the claim(s) 
unascertainable. See MPEP § 2173.05(d). 



Drawings 



Claim Rejections - 35 USC §112 
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Claim Rejections - 35 USC § 102 



5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

6. Claims 1-26 are rejected under 35 U.S.C. 102(e) as being anticipated by Bisbee 
et al. U.S. Patent No. 6,367,013 ('Bisbee' hereinafter). 

7. With respect to claim 1 , Bisbee discloses a method for issuing an electronic 
identity for an entity from an identity registration authority (see abstract), the method 
comprising the steps of: 

a) issuing a first electronic identity for said entity (see Fig. 1 , col. 6, lines 39-41); 

b) creating a request for a second electronic identity for said entity, the request 
including an identifier of said entity (see col. 5, lines 6-14); 

c) sending said request to said identity registration authority (see col. 11 , lines 
20-32; Fig. 2); 

d) in response to said request, creating an identification response (see col. 3, 
lines 55-65; col. 4, lines 49-65); 

e) sending said identification response to said entity (see col. 4, lines 49-67 to 
col. 5, lines 1-5); 
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f) verifying an acceptability of said identification response by said entity (see col. 
5, lines 36-41); 

g) in response said verifying, if said identification response is acceptable, signing 
digitally said identification response by said first entity (see col. 8, lines 51-57; col. 13, 
lines 13-24); 

h) sending said signed response to said identity registration authority (see col. 8, 
lines 51-57); 

i) verifying a validity of said digital signature and said identification response in 
said signed response (see col. 5, lines 36-43; col. 13, lines 26-33, 48-51); and 

j) in response to said verifying, if said digital signature and identification response 
are valid, issuing a second identity based on said first identity (see col. 5, lines 6-35). 

8. Claim 2 rejected as above in rejecting claim 1 , further comprising a second entity 
by which said first entity digitally signs said identification response (see col. 5, lines 6- 
54). 

9. Claim 3 rejected as above in rejecting claim 1 , further comprising the steps of: 
checking if the information of said second entity is available using said identifier 

(see col. 5, lines 36-54); and 

in response said checking, if said information is not available, inquiring the 
information of said second entity from said first entity (see col. 5, lines 36-54). 

10. Claim 4 rejected as above in rejecting claim 2, wherein said second entity is in 
control of said first entity (see col. 4, lines 33-67 to col. 5, lines 1-14). 
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1 1 . Claim 5 rejected as above in rejecting claim 3, wherein said information of said 
second entity comprises one or more from the set containing a unique address of said 
second entity, the name of the holder of said second entity and previous identity or 
identities of said second entity (see col. 5 t lines 36-67 to col. 6, lines 1-21). 

12. Claim 6 rejected as above in rejecting claim 1 , further comprising the step of: 
establishing and encrypting a communication channel between said first entity 

and said identity registration authority to ensure confidential communication there 
between (see Fig. 1; col. 6, lines 65-67 to col. 7, lines 1-2; col. 8, lines 9-20). 

1 3. Claim 7 rejected as above in rejecting claim 1 , further comprising the step of: 
storing said issued second identity to the database of said identity registration 

authority (col. 3, lines 55-65; col. 4, lines 33-48; col. 5, lines 15-35). 

14. Claim 8 rejected as above in rejecting claim 1 , further comprising the step of: 
storing said issued second identity to the database of the issuer of said first 

electronic identity (see col. 3, lines 55-65; col. 4, lines 33-48; col. 5Jihes 15-35). 

1 5. Claim 9 rejected as above in rejecting claim 1 , further comprising the step of: 
combining said first and said second electronic identities to form a combined 

electronic identity (see col. 8, lines 57-61 ; col. 9, lines 27-32); and 

storing said combined electronic identity to the database (see col. 1 1 , lines 20- 
32, Fig. 2; col. 16, lines 47-55). 

16. Claim 10 rejected as above in rejecting claim 1, further comprising the step of: 

sending said issued second identity to said entity (see col. 5, lines 6-14). 
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1 7. Claim 1 1 rejected as above in rejecting claim 1 further comprising the step of: 
sending said issued second identity to a third party (see col. 5, lines 36-41 ). 

18. Claim 12 rejected as above in rejecting claim 1 , before the step of issuing said 
second identity further comprising the steps of: 

checking if additional guarantees for ensuring a validity of the first identity are to 
be acquired (see col. 4, lines 33-48), and 

in response to said checking, if additional guarantees are needed, acquiring 
additional guarantees (see col. 3, lines 55-62; col. 4, lines 33-57). 

1 9. Claim 1 3 rejected as above in rejecting claim 1 , further comprising the steps of: 
adding a time stamp to said issued second identity (see col. 4, lines 33-48); and 
storing said time stamped second identity to the database of said registration 

authority (see col. 4,lines 33-48; col. 5, lines 6-35). 

20. Claim 1 4 rejected as above in rejecting claim 1 , further comprising the step of: 
adding into said time stamp a expiration date of said second electronic identity 

(see col. 5, lines 36-54). 

21 . Claim 1 5 rejected as above in rejecting claim 1 , further comprising the steps of: 
adding a notarization to said issued second identity (see col. 5, lines 55-67 to col. 

6, lines 1-20); and 

storing said notarized second identity to the database of said registration 
authority (see col. 3, lines 55-65; col. 4, lines 33-48; col. 5, lines 15-35). 
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22. Claim 16 rejected as above in rejecting claim 1 , further comprising the steps of: 
inquiring a further identifier code to be added into said signed identification 

response (see col. 5, lines 36-54; col. 14, lines 44-60); 

receiving said identifier code at said registration authority (see col. 5, lines 36-54; 
col. 7, lines 35-40; col. 14, lines 44-60); and 

verifying the validity of said identifier code at said registration authority (see col. 
5, lines 36-54; col. 7, lines 35-40). 

23. Claim 17 rejected as above in rejecting claim 16, wherein said identifier code 
includes one or more from the set containing biometric code of said first entity, a 
predetermined character string, a fingerprint of the entity's public key, random number, 
certificate, and a hash code of the shared secret between said first entity and said 
registration authority (see col. 7, lines 55-65; col. 8, lines 51-67 to col. 9, lines 1-5; col. 
9, lines 65-67 to col. 10, lines 1-17). 

24. Claim 1 8 rejected as above in rejecting claim 1 , further comprising the steps of: 
creating a first hash code from said identity request at registration authority (see 

col. 9, lines 1-5, 44-64; col. 10, lines 10-17); 

sending said first hash code to said second entity (see col. 2, lines 38-45; col. 9, 
lines 44-64); 

creating a second hash code from said identity request by said second entity 
(see col. 2, lines 38-45); and 

verifying a validity of said first hash code by comparing it to said second has 
code before the signing of said response (see col. 9, lines 44-64). 
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25. Claim 19 rejected as above in rejecting claim 1 , before the step of issuing further 
comprising the steps of: 

sending a confirmation message to the address specified in said additional 
information of said entity (see col. 17, lines 33-67 to col. 18, lines 1-14); 

receiving a confirmation response to said confirmation message at said 
registration authority (see col. 17, lines 33-67 to col. 18, lines 1-14); and 

verifying the validity of said confirmation response (see col. 17, lines 33-67 to col. 
18, lines 1-14). 

26. Claim 20 rejected as above in rejecting claim 19, before the step of issuing 
further comprising the step of: 

canceling said issuing of said second electronic identity if said confirmation 
response is not received in a predetermined time period (see col. 25, lines 48-53). 

27. Claim 21 rejected as above in rejecting claim 1 , wherein said request for issuing 
said second certification for said entity is initiated by said third party (see col. 3, lines 
36-41; col. 23, lines 39-44). 

28. Claim 22 rejected as above in rejecting claim 1 , wherein said request for issuing 
said second certificate for said entity is initiated by said second entity (see col. 5, lines 
6-35). 

29. Claim 23 rejected as above in rejecting claim 2, wherein said request is digitally 
signed by said first entity before sending said request (see col. 5, lines 6-54). 

30. Claim 24 rejected as above in rejecting claim 2, wherein said request is 
encrypted before sending said request (see col. 8, lines 9-14, 40-50). 



# 
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31 . Claim 25 rejected as above in rejecting claim 1 , further comprising the step of: 
journalizing a log of all transaction during the issue process of said second 

electronic identity (see col. 3, lines 46-65). 

32. Claim 26 rejected as above in rejecting claim 2, wherein said second entity is one 
of the following set including mobile terminal, mobile phone, personal computer, set-top 
box, smart card, tamper proof device, security token, software agent, pager, terminal 
equipment, and personal digital assistant (PDA) (see col. 7, lines 6-25; col. 8, lines 22- 



39). 
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Conclusion 



The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Malkin et al. (U.S. Patent No. 6,028,938) disclose techniques for ensuring the 
security of forms data. 

Houvener et al. (U.S. Patent No. 5,790,674) disclose a system and method of 
providing system integrity and positive audit capabilities to a positive identification 
system. 

Sudia (U.S. Patent No. 5,799,086) discloses an enhanced cryptographic system 
and method with key escrow feature. 

Padgett et al. (U.S. Patent No. 6,167,518) disclose a digital signature providing 
non-repudiation based on biological indicia. 

Linchan (U.S. Patent No. 6,327,578) discloses a four-party credit/debit payment 
protocol. 

Muftic (U.S. Patent No. 5,745,574) discloses a security infrastructure for 
electronic transactions. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ahmedur Ali whose telephone number is 305-4667. The 
examiner can normally be reached on 8:30am - 5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is (703) 872-9306. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone numberjs_305-3900. 
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